Abstract
By combining SOMs network and genetic algorithms, a genetic SOM (Self-Organizing Map) clustering algorithm for intrusion detection is proposed in this paper. In our algorithms, genetic algorithm is used to train the synaptic weights of SOMs. Computer experiments show that GSOMC produces good results on small data sets. Some discussions of the number of clusters K and future work is also given.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Lee, W.: A Data Mining Framework for Constructing Features and Models for Intrusion Detection Systems. Ph.D. Thesis, Columbia University, USA (1999)
Lee, W., Stolfo, S.J., Mok, K.: Data Mining in Work Flow Environments: Experience in Intrusion Detection. In: Proceedings of the 1999 Conference on Knowledge Discovery and Data Mining (KDD 1999), San Diego, pp. 114–124 (1999)
Lee, W., Stolfo, S.J.: Data Mining Approaches for Intrusion Detection. In: Proceedings of the 1998 USENIX Security Symposium, San Antonio, pp. 79–84 (1998)
Eskin, E.: Anomaly Detection over Noisy Data Using Learned Probability Distributions. In: Proceedings of the International Conference on Machine Learning, USA, pp. 255–262 (2000)
Anderberg, M.R.: Cluster Analysis for Application. Academic Press, New York (1973)
Kohonen, T.: Self-Organizing Maps, 3rd edn. Springer, Heidelberg (2000) ISBN 3-540-67921-9
Lichodzijewski, P., Zincir-Heywood, A.N., Heywood, M.I.: Host-based Intrusion Detection Using Self-Organizing Maps. In: IEEE International Joint Conference on Neural Networks, pp. 1714–1719 (2002)
Hoglund, A.J., Hatonen, K., Sorvari, A.S.: A computer Host Based User Abnormal Detection System Using the Self Organizing Map. In: Proceedings of the International Joint Conference on Neural Networks, IEEE IJCNN, vol. 5, pp. 411–416 (2000)
Cannady, J.: Artificial Neural Networks for Misuse Detection. In: Proceedings of the 1998 National Information Systems Security Conference (NISSC 1998), pp. 443–456 (1998)
Girardin, L.: An Eye on Network Intruder Administrator Shootouts. In: Proceedings of the workshop on Intrusion Detection and Network Monitoring (ID 1999), pp. 19–28 (1999)
Ramadas, M., Ostermann, S., Tjaden, B.: Detecting Anomalous Network Traffic with Self-Organizing Maps. In: Recent Advances in Intrusion Detection, 6th International Symposium, pp. 36–54 (2003)
Babu, G.P., Murty, M.N.: Clustering with Evolution Strategies. Pattern Recognition 27, 321–329 (1994)
KDD 1999 Cup data set (1999), http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ma, Z. (2005). A Genetic SOM Clustering Algorithm for Intrusion Detection. In: Wang, J., Liao, XF., Yi, Z. (eds) Advances in Neural Networks – ISNN 2005. ISNN 2005. Lecture Notes in Computer Science, vol 3498. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11427469_68
Download citation
DOI: https://doi.org/10.1007/11427469_68
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25914-5
Online ISBN: 978-3-540-32069-2
eBook Packages: Computer ScienceComputer Science (R0)